Adds a parameter to specify endpoint type
When getting a service catalog from keystone there might be multiple endpoint types. Adds new parameters to specify the endpoint type to use in each of the new neutron/nova groups. Nova config attributes are removed as the endpoint would be retrieved from the service catalog with respective endpoint_type and corresponding roles would define nova access. CONFIG is added as needed and cfg being removed. Change-Id: Ie01bd6967eb2003dbe4f7a11ffe8e20a16aa83f5
This commit is contained in:
parent
25bcbc1cc1
commit
22097dc88f
|
@ -11,10 +11,6 @@
|
|||
#
|
||||
# octavia_plugins = hot_plug_plugin
|
||||
|
||||
# Region in Identity service catalog to use for communication with the OpenStack services.
|
||||
#
|
||||
# os_region_name =
|
||||
|
||||
# Hostname to be used by the host machine for services running on it.
|
||||
# The default value is the hostname of the host machine.
|
||||
# host =
|
||||
|
@ -220,8 +216,22 @@
|
|||
# Custom nova endpoint if override is necessary
|
||||
# endpoint =
|
||||
|
||||
# Region in Identity service catalog to use for communication with the OpenStack services.
|
||||
# region_name =
|
||||
|
||||
# Endpoint type in Identity service catalog to use for communication with
|
||||
# the OpenStack services.
|
||||
# endpoint_type = publicURL
|
||||
|
||||
[neutron]
|
||||
# The name of the neutron service in the keystone catalog
|
||||
# service_name =
|
||||
# Custom neutron endpoint if override is necessary
|
||||
# endpoint =
|
||||
|
||||
# Region in Identity service catalog to use for communication with the OpenStack services.
|
||||
# region_name =
|
||||
|
||||
# Endpoint type in Identity service catalog to use for communication with
|
||||
# the OpenStack services.
|
||||
# endpoint_type = publicURL
|
||||
|
|
|
@ -27,18 +27,21 @@ class NovaAuth(object):
|
|||
nova_client = None
|
||||
|
||||
@classmethod
|
||||
def get_nova_client(cls, region, service_name=None, endpoint=None):
|
||||
def get_nova_client(cls, region, service_name=None, endpoint=None,
|
||||
endpoint_type='publicURL'):
|
||||
"""Create nova client object.
|
||||
|
||||
:param region: The region of the service
|
||||
:param service_name: The name of the nova service in the catalog
|
||||
:param endpoint: The endpoint of the service
|
||||
:param endpoint_type: The type of the endpoint
|
||||
:return: a Nova Client object.
|
||||
:raises Exception: if the client cannot be created
|
||||
"""
|
||||
if not cls.nova_client:
|
||||
kwargs = {'region_name': region,
|
||||
'session': keystone.get_session()}
|
||||
'session': keystone.get_session(),
|
||||
'endpoint_type': endpoint_type}
|
||||
if service_name:
|
||||
kwargs['service_name'] = service_name
|
||||
if endpoint:
|
||||
|
@ -56,18 +59,21 @@ class NeutronAuth(object):
|
|||
neutron_client = None
|
||||
|
||||
@classmethod
|
||||
def get_neutron_client(cls, region, service_name=None, endpoint=None):
|
||||
def get_neutron_client(cls, region, service_name=None, endpoint=None,
|
||||
endpoint_type='publicURL'):
|
||||
"""Create neutron client object.
|
||||
|
||||
:param region: The region of the service
|
||||
:param service_name: The name of the neutron service in the catalog
|
||||
:param endpoint: The endpoint of the service
|
||||
:param endpoint_type: The endpoint_type of the service
|
||||
:return: a Neutron Client object.
|
||||
:raises Exception: if the client cannot be created
|
||||
"""
|
||||
if not cls.neutron_client:
|
||||
kwargs = {'region_name': region,
|
||||
'session': keystone.get_session()}
|
||||
'session': keystone.get_session(),
|
||||
'endpoint_type': endpoint_type}
|
||||
if service_name:
|
||||
kwargs['service_name'] = service_name
|
||||
if endpoint:
|
||||
|
|
|
@ -54,27 +54,6 @@ core_opts = [
|
|||
"means no limit")),
|
||||
cfg.StrOpt('host', default=utils.get_hostname(),
|
||||
help=_("The hostname Octavia is running on")),
|
||||
cfg.StrOpt('nova_url',
|
||||
default='http://127.0.0.1:8774/v2',
|
||||
help=_('URL for connection to nova')),
|
||||
cfg.StrOpt('nova_admin_username',
|
||||
help=_('Username for connecting to nova in admin context')),
|
||||
cfg.StrOpt('nova_admin_password',
|
||||
help=_('Password for connection to nova in admin context'),
|
||||
secret=True),
|
||||
cfg.StrOpt('nova_admin_tenant_id',
|
||||
help=_('The uuid of the admin nova tenant')),
|
||||
cfg.StrOpt('nova_admin_auth_url',
|
||||
default='http://localhost:5000/v2.0',
|
||||
help=_('Authorization URL for connecting to nova in admin '
|
||||
'context')),
|
||||
cfg.StrOpt('nova_ca_certificates_file',
|
||||
help=_('CA file for novaclient to verify server certificates')),
|
||||
cfg.BoolOpt('nova_api_insecure', default=False,
|
||||
help=_("If True, ignore any SSL validation issues")),
|
||||
cfg.StrOpt('os_region_name',
|
||||
help=_('Region in Identity service catalog to use for '
|
||||
'communication with the OpenStack services.')),
|
||||
cfg.StrOpt('octavia_plugins',
|
||||
default='hot_plug_plugin',
|
||||
help=_('Name of the controller plugin to use'))
|
||||
|
@ -357,7 +336,12 @@ nova_opts = [
|
|||
cfg.StrOpt('service_name',
|
||||
help=_('The name of the nova service in the keystone catalog')),
|
||||
cfg.StrOpt('endpoint', help=_('A new endpoint to override the endpoint '
|
||||
'in the keystone catalog.'))
|
||||
'in the keystone catalog.')),
|
||||
cfg.StrOpt('region_name',
|
||||
help=_('Region in Identity service catalog to use for '
|
||||
'communication with the OpenStack services.')),
|
||||
cfg.StrOpt('endpoint_type', default='publicURL',
|
||||
help=_('Endpoint interface in identity service to use')),
|
||||
]
|
||||
|
||||
neutron_opts = [
|
||||
|
@ -365,7 +349,12 @@ neutron_opts = [
|
|||
help=_('The name of the neutron service in the '
|
||||
'keystone catalog')),
|
||||
cfg.StrOpt('endpoint', help=_('A new endpoint to override the endpoint '
|
||||
'in the keystone catalog.'))
|
||||
'in the keystone catalog.')),
|
||||
cfg.StrOpt('region_name',
|
||||
help=_('Region in Identity service catalog to use for '
|
||||
'communication with the OpenStack services.')),
|
||||
cfg.StrOpt('endpoint_type', default='publicURL',
|
||||
help=_('Endpoint interface in identity service to use')),
|
||||
]
|
||||
|
||||
# Register the configuration options
|
||||
|
|
|
@ -28,6 +28,7 @@ LOG = logging.getLogger(__name__)
|
|||
CONF = cfg.CONF
|
||||
CONF.import_group('keystone_authtoken', 'octavia.common.config')
|
||||
CONF.import_group('networking', 'octavia.common.config')
|
||||
CONF.import_group('nova', 'octavia.common.config')
|
||||
|
||||
|
||||
class VirtualMachineManager(compute_base.ComputeBase):
|
||||
|
@ -36,9 +37,10 @@ class VirtualMachineManager(compute_base.ComputeBase):
|
|||
def __init__(self):
|
||||
super(VirtualMachineManager, self).__init__()
|
||||
# Must initialize nova api
|
||||
region = CONF.os_region_name
|
||||
self._nova_client = clients.NovaAuth.get_nova_client(
|
||||
region, endpoint=CONF.nova.endpoint)
|
||||
endpoint=CONF.nova.endpoint,
|
||||
region=CONF.nova.region_name,
|
||||
endpoint_type=CONF.nova.endpoint_type)
|
||||
self.manager = self._nova_client.servers
|
||||
|
||||
def build(self, name="amphora_name", amphora_flavor=None, image_id=None,
|
||||
|
|
|
@ -34,6 +34,11 @@ AAP_EXT_ALIAS = 'allowed-address-pairs'
|
|||
VIP_SECURITY_GRP_PREFIX = 'lb-'
|
||||
OCTAVIA_OWNER = 'Octavia'
|
||||
|
||||
CONF = cfg.CONF
|
||||
CONF.import_group('nova', 'octavia.common.config')
|
||||
CONF.import_group('controller_worker', 'octavia.common.config')
|
||||
CONF.import_group('networking', 'octavia.common.config')
|
||||
|
||||
|
||||
class AllowedAddressPairsDriver(neutron_base.BaseNeutronDriver):
|
||||
|
||||
|
@ -41,8 +46,11 @@ class AllowedAddressPairsDriver(neutron_base.BaseNeutronDriver):
|
|||
super(AllowedAddressPairsDriver, self).__init__()
|
||||
self._check_aap_loaded()
|
||||
self.nova_client = clients.NovaAuth.get_nova_client(
|
||||
cfg.CONF.os_region_name, service_name=cfg.CONF.nova.service_name,
|
||||
endpoint=cfg.CONF.nova.endpoint)
|
||||
endpoint=CONF.nova.endpoint,
|
||||
region=CONF.nova.region_name,
|
||||
endpoint_type=CONF.nova.endpoint_type,
|
||||
service_name=CONF.nova.service_name,
|
||||
)
|
||||
|
||||
def _check_aap_loaded(self):
|
||||
aliases = [ext.get('alias') for ext in self._extensions]
|
||||
|
@ -131,7 +139,7 @@ class AllowedAddressPairsDriver(neutron_base.BaseNeutronDriver):
|
|||
|
||||
# Currently we are using the VIP network for VRRP
|
||||
# so we need to open up the protocols for it
|
||||
if (cfg.CONF.controller_worker.loadbalancer_topology ==
|
||||
if (CONF.controller_worker.loadbalancer_topology ==
|
||||
constants.TOPOLOGY_ACTIVE_STANDBY):
|
||||
try:
|
||||
self._create_security_group_rule(
|
||||
|
@ -178,7 +186,7 @@ class AllowedAddressPairsDriver(neutron_base.BaseNeutronDriver):
|
|||
a neutron port does not happen immediately.
|
||||
"""
|
||||
attempts = 0
|
||||
while attempts <= cfg.CONF.networking.max_retries:
|
||||
while attempts <= CONF.networking.max_retries:
|
||||
try:
|
||||
self.neutron_client.delete_security_group(sec_grp)
|
||||
LOG.info(_LI("Deleted security group %s"), sec_grp)
|
||||
|
@ -192,7 +200,7 @@ class AllowedAddressPairsDriver(neutron_base.BaseNeutronDriver):
|
|||
"%(sg)s failed."),
|
||||
{'attempt': attempts + 1, 'sg': sec_grp})
|
||||
attempts += 1
|
||||
time.sleep(cfg.CONF.networking.retry_interval)
|
||||
time.sleep(CONF.networking.retry_interval)
|
||||
message = _LE("All attempts to remove security group {0} have "
|
||||
"failed.").format(sec_grp)
|
||||
LOG.exception(message)
|
||||
|
|
|
@ -27,15 +27,20 @@ from octavia.network.drivers.neutron import utils
|
|||
LOG = logging.getLogger(__name__)
|
||||
SEC_GRP_EXT_ALIAS = 'security-group'
|
||||
|
||||
CONF = cfg.CONF
|
||||
CONF.import_group('neutron', 'octavia.common.config')
|
||||
|
||||
|
||||
class BaseNeutronDriver(base.AbstractNetworkDriver):
|
||||
|
||||
def __init__(self):
|
||||
self.sec_grp_enabled = True
|
||||
self.neutron_client = clients.NeutronAuth.get_neutron_client(
|
||||
cfg.CONF.os_region_name,
|
||||
service_name=cfg.CONF.neutron.service_name,
|
||||
endpoint=cfg.CONF.neutron.endpoint)
|
||||
endpoint=CONF.neutron.endpoint,
|
||||
region=CONF.neutron.region_name,
|
||||
endpoint_type=CONF.neutron.endpoint_type,
|
||||
service_name=CONF.neutron.service_name
|
||||
)
|
||||
extensions = self.neutron_client.list_extensions()
|
||||
self._extensions = extensions.get('extensions')
|
||||
self._check_sec_grps()
|
||||
|
|
|
@ -127,7 +127,7 @@ class NoopManager(object):
|
|||
|
||||
|
||||
class NoopNetworkDriver(driver_base.AbstractNetworkDriver):
|
||||
def __init__(self, region=None):
|
||||
def __init__(self):
|
||||
super(NoopNetworkDriver, self).__init__()
|
||||
self.driver = NoopManager()
|
||||
|
||||
|
|
|
@ -41,7 +41,8 @@ class TestNovaAuth(base.TestCase):
|
|||
|
||||
# Mock out the keystone session and get the client
|
||||
keystone._SESSION = mock.MagicMock()
|
||||
bc1 = clients.NovaAuth.get_nova_client(region=None)
|
||||
bc1 = clients.NovaAuth.get_nova_client(region=None,
|
||||
endpoint_type='publicURL')
|
||||
|
||||
# Our returned client should also be the saved client
|
||||
self.assertIsInstance(
|
||||
|
@ -56,7 +57,7 @@ class TestNovaAuth(base.TestCase):
|
|||
# Getting the session again should return the same object
|
||||
bc2 = clients.NovaAuth.get_nova_client(
|
||||
region="test-region", service_name='novaEndpoint1',
|
||||
endpoint="test-endpoint")
|
||||
endpoint="test-endpoint", endpoint_type='adminURL')
|
||||
self.assertIs(bc1, bc2)
|
||||
|
||||
|
||||
|
@ -79,7 +80,8 @@ class TestNeutronAuth(base.TestCase):
|
|||
|
||||
# Mock out the keystone session and get the client
|
||||
keystone._SESSION = mock.MagicMock()
|
||||
bc1 = clients.NeutronAuth.get_neutron_client(region=None)
|
||||
bc1 = clients.NeutronAuth.get_neutron_client(
|
||||
region=None, endpoint_type='publicURL')
|
||||
|
||||
# Our returned client should also be the saved client
|
||||
self.assertIsInstance(
|
||||
|
@ -94,5 +96,5 @@ class TestNeutronAuth(base.TestCase):
|
|||
# Getting the session again should return the same object
|
||||
bc2 = clients.NeutronAuth.get_neutron_client(
|
||||
region="test-region", service_name="neutronEndpoint1",
|
||||
endpoint="test-endpoint")
|
||||
endpoint="test-endpoint", endpoint_type='publicURL')
|
||||
self.assertIs(bc1, bc2)
|
||||
|
|
Loading…
Reference in New Issue